Right now there's more supply than demand when it comes to lawyers who know their way around privacy and information security. But companies and firms have demonstrated a preference for lawyers brandishing certification, such as those from the globally focused International Association of Privacy Professionals.

That's one part of the reason the North Carolina State Bar recently became one of the first bar associations in the country to offer a certification in privacy and information security law.

The other part is the notion that with the absence of a federal privacy standard in America, attorneys looking to make a name for themselves could do well to focus on regulations governing their state of practice.

“Understanding federal law or the general trend among states is important and that is a component of our criteria in North Carolina because we require that people pass that Certified Information Privacy Professional, U.S. exam,” said Matt Cordell, chair of the North Carolina State Bar's privacy and information specialization committee. “But if you don't know the nuances in your state you probably shouldn't be holding yourself out as a specialist in that state.”

North Carolina's specialization requires that applicants have averaged at least 300 hours of practice a year in the privacy and information security field, so it's definitely not a “privacy for novices “ course. Instead Cordell is hoping to attract attorneys who are looking to distinguish themselves from the competition.

Applicants have to complete a rigorous two-part exam that features every statute and law related to privacy and information security that Cordell and his committee could find, especially those in North Carolina. He expects to see the certification become more popular as domestic law firms start to feel the pinch to become full-service agencies and attempt to catch up with the more robust operations already established in Europe.

“The practice area keeps growing. It seems like every month I get an email alert from one of the law firms, whether it's state or regional or national law firms,” Cordell said.

TRU Staffing Partners, a contract staffing and executive placement firm operating in New York City, just recently expanded its cybersecurity and e-discovery focus to include privacy.

Founder and CEO Jared Coseglia expects that 2019 will see a hiring surge in positions such as privacy programming managers, senior associates, privacy consultants and privacy coordinators for corporations. He thinks that there could not be a better time for attorneys looking to transition into the field.

“Within the four months we've probably picked up to 50 privacy attorney positions at the senior associate and partner level. Those positions are very difficult to fill specifically because there's not the breadth of talent available and a lot of that talent has grown up inside corporations, which doesn't necessarily have the same skillset that's needed for law firms,” Coseglia said.

He doesn't expect for their to be a unified federal privacy standard in America anytime soon, further increasing the burden on job-seeking lawyers who have to become familiar with a patchwork of different state regulations. That's where Cordell expects other state bar associations to follow North Carolina's lead.

“I think other states may follow that course. They may decide that it's worthwhile to have a specialization that includes a component of state law distinctions,” Cordell said.